Privacy & Reputation Management

Data privacy is increasingly being used to protect hard-earned reputations.

Much of our work is high profile and involves a media element. After all, a subject access request by an aggrieved ex-employee with a social media account has the potential to cause just as much damage as an information security breach or a request under freedom of information legislation by a journalist writing a story about your organisation.

Our advice spans the full range of rights and remedies available to businesses and individuals under data privacy and related legislation. From advice on how to avoid, prepare for and deal with information security breaches, to uncovering objectionable content, to revealing sources or preventing use of that content – including by asserting a right to be forgotten. We also have considerable experience in the application of relevant exemptions such as the journalistic purpose.

Where appropriate, we obtain court orders to identify wrong-doers and injunctions to prevent the unlawful use of information or to require its preservation or delivery up, often on short notice.

Coupled with our recognised expertise in publication proceedings, ranging from defamation, misuse of private information and breach of confidence to exercising your intellectual property rights, we have all the skills to help manage your reputation. This includes advising on related criminal matters, such as offences under computer misuse, data protection and communications legislation, harassment and blackmail, as well as prosecutions (whether by the Crown and privately).

It’s not just about Getting(G) Data(D) Protection(P) Ready(R): some digital businesses and infrastructure providers shouldn’t forget to be ‘NIS’

11 July 2017

May 2018 is a month which will already be highlighted in the calendars of those responsible for their organisations’ compliance with the General Data Protection Regulation (GDPR). It’s now under a year away. But for some digital businesses and infrastructure providers, when it comes to security risk management and reporting obligations, the GDPR isn’t the whole story.